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Besides respecting prescribed protocols, communication-centric systems should never “get stuck”. 

This requirement has been expressed by liveness properties such as progress or (dead)lock freedom. 
Several typing disciplines that ensure these properties for mobile processes have been proposed. 
Unfortunately, very little is known about the precise relationship between these disciplines-and the 
classes of typed processes they induce. 

In this paper, we compare ^ and ^, two classes of deadlock-free, session typed concurrent 
processes. The class ££ stands out for its canonicity: it results naturally from interpretations of 
linear logic propositions as session types. The class ^, obtained by encoding session types into 
Kobayashi’s usage types, includes processes not typable in other type systems. 

We show that ^ is strictly included in . We also identify the precise condition under which 
^ and cj^coincide. One key observation is that the degree of sharing between parallel processes 
determines a new expressiveness hierarchy for typed processes. We also provide a type-preserving 
rewriting procedure of processes in processes in . This procedure suggests that, while 

effective, the degree of sharing is a rather subtle criteria for distinguishing typed processes. 

1 Introduction 

The goal of this work is to formally relate different type systems for the Ti-calculus. Our interest 
is in session-based concurrency, a type-based approach to communication correctness: dialogues be¬ 
tween participants are structured into sessions, basic communication units; descriptions of interaction 
sequences are then abstracted as session types ifT^ which are checked against process specifications. 
We offer the first formal comparison between different type systems that enforce (dead)lock freedom, 
the liveness property that ensures session communications never “get stuck”. Our approach relates the 
classes of typed processes that such systems induce. To this end, we identify a property on the structure 
of typed parallel processes, the degree of sharing, which is key in distinguishing two salient classes of 
deadlock-free session processes, and in shedding light on their formal underpinnings. 

In session-based concurrency, types enforce correct communications through different safety and 
liveness properties. Basic correctness properties are communication safety and session fidelity, while the 
former ensures absence of errors (e.g., communication mismatches), the latter ensures that well-typed 
processes respect the protocols prescribed by session types. Moreover, a central (liveness) property for 
safe processes is that they should never “get stuck”. This is the well-known progress property, which 
asserts that a well-typed term either is a final value or can further reduce ifTTl . In calculi for concurrency, 
this property has been formalized as deadlock freedom (“a process is deadlock-free if it can always reduce 
until it eventually terminates, unless the whole process diverges” ifTSl ) or as lock freedom (“a process is 
lock free if it can always reduce until it eventually terminates, even if the whole process diverges” ifTSl ). 
Notice that in the absence of divergent behaviors, deadlock and lock freedom coincide. 

(Dead)lock freedom guarantees that all communications will eventually succeed, an appealing re¬ 
quirement for communicating processes. Several advanced type disciplines that ensure deadlock-free 
processes have been proposed (see, e.g., |l2][3l|5l|T0l[T3l[T5l[T6l|20l). Unfortunately, these disciplines con¬ 
sider different process languages and/or are based on rather different principles. As a result, very little 
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is known about how they relate to each other. This begs several research questions: What is the formal 
relationship between these type disciplines? What classes of deadlock-free processes do they induce? 

In this paper, we tackle these open questions by comparing .if and JC, two salient classes of 
deadlock-free, session typed processes (Definition 14.21) : 

• .if contains all session processes that are well-typed according to the Curry-Howard correspondence 
of linear logic propositions as session types ||2l|3l[2Tl. This suffices, because the type system derived 
from such a correspondence ensures communication safety, session fidelity, and deadlock freedom. 

• ,i^contains all session processes that enjoy communication safety and session fidelity (as ensured by 
the type system of Vasconcelos lfT9l ) and are (dead)lock-free by combining Kobayashi’s type system 
based on usages II131I15II with Dardha et al.’s encodability result f8]. 

There are good reasons for considering .if and JC. On the one hand, due to its deep logical foundations, 
.if appears to us as the canonic class of deadlock-free session processes, upon which all other classes 
should be compared. Indeed, this class arguably offers the most principled yardstick for comparisons. On 
the other hand, ,j^integrates session type checking with the sophisticated usage discipline developed by 
Kobayashi for Ti-calculus processes. This indirect approach to deadlock freedom (first suggested in ifldl . 
later developed in ||4l|71[8l) is fairly general, as it may capture sessions with subtyping, polymorphism, 
and higher-order communication. Also, as informally shown in |4i|, J^strictly includes classes of typed 
processes induced by other type systems for deadlock freedom in sessions Il5lll0[ll61 . 

One key observation in our development is that JC corresponds to a family of classes of deadlock-free 
processes, denoted which is defined by the degree of sharing between their parallel 

components. Intuitively, JCq is the subclass of ^with independent parallel composition-, for all 
processes P \ Q & JFq, subprocesses P and Q do not share any sessions. Then, JF\ is the subclass of 
JC which contains JTq but admits also processes with parallel components that share at most one session. 
Then, JCn contains deadlock-free session processes whose parallel components share at most n sessions. 

Contributions. In this paper, we present three main conhibutions: 

1. We show that the inclusion between the constituent classes of .j^is strict (Theorem 14.41) . We have: 

c Jfj c Jf2 c ••• c c.;^+i (i) 

Although not exhemely surprising, the significance of this result lies in the fact that it talks about 
concurrency (via the degree of sharing) but implicitly also about the potential sequentiality of parallel 
processes. As such, processes in JCk are necessarily “more parallel” than those in Interestingly, 

the degree of sharing in JFq, ..., can be defined in a very simple way, via a natural condition in the 
rule for parallel composition in Kobayashi’s type system for deadlock freedom. 

2. We show that .if and JF\ coincide (Theorem 14.61) . That is, there are deadlock-free session processes 
that cannot be typed by systems derived from the Curry-Howard interpretation of session types ||3[3l 
ED, but that can be admitted by the (indirect) approach of f8|. This result is significant: it establishes 
the precise status of systems based on |[3ll2D with respect to previous (non Curry-Howard) disciplines. 
Indeed, it formally confirms that linear logic interpretations of session types naturally induce the most 
basic form of concurrent cooperation (sharing of exactly one session), embodied as the principle of 
“composition plus hiding”, a distinguishing feature of such interpretations. 

3. We define a rewriting procedure of processes in J^into .if (Defintion 15.71) . Intuitively, due to our 
previous observation and characterization of the degree of sharing in session typed processes, it is 
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quite natural to convert a process in ^into another, more parallel process in In essence, the pro¬ 
cedure replaces sequential prefixes with representative parallel components. The rewriting procedure 
satisfies fype-preservafion, and enjoys fhe composifionalify and operational correspondence criteria 
as slated in ifTTI (cf. Theorems 15.81 and [5 .1 01) . These properties nol only wifness fhe significance of fhe 
rewriting procedure; Ihey also confirm lhal fhe degree of sharing is a ralher subfle crileria for formally 
distinguishing deadlock-free, session fyped processes. 

To fhe besl of our knowledge, fhese confribufions define fhe firsf formal comparison befween fundamen- 
fally disfincl type systems for deadlock freedom in session communications. Previous comparisons, such 
as the ones in [4] and l|3l §6], are informal: they are based on representative “corner cases”, i.e., examples 
of deadlock-free session processes typable in one system but not in some other. 

The paper is structured as follows. §|2]summarizes the session Ti-calculus and associated type system 
of [T91- In §[3]we present the two typed approaches to deadlock freedom for sessions. §|4] defines fhe 
classes and formalizes fhe hierarchy ([Til, and shows fhaf .if and Jfj coincide. In §[5]we give fhe 
rewrifing procedure of info .if and esfablish ifs properlies. §[^collecls some concluding remarks. 
Due fo space resfricfions, defails of proofs are omitted; fhey can be found online f9j. 

2 Session tt- calculus 

Following Vasconcelos |[T9l . we infroduce fhe session tt- calculus and ifs associafed type sysfem which 
ensures communicafion safety and session fidelify. The synfax is given in Figure [U (upper pari). Lef P, Q 
range over processes x,y over channels and v over values; for simplicify, fhe sef of values coincides wifh 
lhal of channels. In examples, we oflen use n fo denote a lerminaled channel lhal cannol be further used. 

Process x{v).P denofes fhe oulpul of v along x, wifh continuation P. Dually, process x{y).P denotes 
an inpul along x wifh continuation P, wifh y denofing a placeholder. Process x<lj.P uses x fo selecf Ij 
from a labelled choice process, being xi> {/, : P,};g/, so as fo frigger P^-; labels indexed by fhe finite sef I 
are pairwise disfincl. We also have fhe inaclive process (denoted 0), fhe parallel composilion of P and Q 
(denoted P | Q), and fhe (double) reslricfion operalor, noled {vxy)P: fhe intention is lhal x and y denofe 
dual session endpoints in P. We omil 0 whenever possible and write, e.g., x(n) instead of x(n) .0. Notions 
of bound/free variables in processes are sfandard; we wrile fn(P) fo denote fhe sef of free names of P. 
Also, we wrile P\}’/z\ to denote the (capture-avoiding) substitution of free occurrences of z in P with v. 

The operational semantics is given in terms of a reduction relation, noted P —)• 2, and defined by fhe 
rules in Figured] (lower pari). If relies on a sfandard nofion of slruclural congruence, noled = (see ifTOll '). 
We wrile —1-* fo denote fhe reflexive, Iransilive closure of —Observe lhal inferacfion involves pre¬ 
fixes wifh differenl channels (endpoinls), and always occurs in fhe conlexl of an oulermosl (double) 
reslricfion. Key rules are (R-Com) and (R-Case), denofing fhe inferacfion of oulpul/inpul prefixes and 
selection/branching conslrucls, respecfively. Rules (R-Par), (R-Res), and (R-Str) are sfandard. 

The synfax of session lypes, ranged over r,S,..., is given by fhe following grammar. 

r,5::=end | IT.S \ \T.S \ | (B{li:Si}iei 

Above, end is fhe lype of an endpoinl wifh a lerminaled profocol. The lype IT.S is assigned fo an 
endpoinf lhal firsf receives a value of type T and Ihen conlinues according fo fhe protocol described 
by S. Dually, type \T.S is assigned to an endpoint that first outputs a value of type T and then continues 
according to the protocol described by S. Type ©{/,• : an internal choice, generalizes output 

types; type &{/, : an external choice, generalizes input types. Notice that session types describe 

sequences of structured behaviors; they do not admit parallel composition operators. 
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P,Q--= 


x{v).P 

(output) 

0 

(inaction) 

x{y).P 

(input) 

P\Q 

(composition) 

X < Ij .P 

(selection) 

{vxy)P 

(session restriction) 

x[> {/[' . F;}ig/ 

(branching) 



X 

(channel) 




(R-Com) {vxy){x{v).P \y{z).Q) ^ {vxy){P \ Q[^/z]) (R-Par) p^Q^^p\R^Q\R 

(R-Case) {vxy){x<lj.P \y>{li: Pi}i^j) ^ {vxy){P \ Pj) j€l (R-Res) P ^ Q (vxy)P ^ {vxy)Q 
(R-Str) P = P',P^Q, Q' = Q^P'^Q' 


Figure 1: Session tt- calculus: syntax and semantics. 


(T-Nil) 

X : end Fst 0 

(T-Out) 


(T-Par) 

rii^sT-f" r2i“sT2 
rior2i“sT-f’|2 

(T-Brch) 


(T-Res) 

r,x: T,y:TPsjP 

r hsT ivxy)P 


(T-In) 

r,x:S,y:rhsTP 
r,x:?r.S hsT x(y).P 

(T-Sel) 


r,x:ShsTP 


r,x : Si hsT Pi V/ € I 


r,x : S; hsT P 37 € / 


r,x : \T.S,y : T \-srx{y).P r,x : &{/,•: S/j/g/ FsT2ci>{/r : Pi}iei r,x : ©{/; : S/j/g/ Fst^coZ^.P 
Figure 2: Typing rules for the Ti-calculus with sessions. 


A central notion in session-based concurrency is duality, which relates session types offering opposite 
(i.e., complementary) behaviors. Duality stands at the basis of communication safety and session fidelity. 
Given a session type T, its dual type T is defined as follows: 

= ITS TTS = \TS 

©{/,• : 5,}/g/ = &{/,•: S;},g/ &{/,• : S,}/g/ = ©{/,-: S,},g/ end = end 

Typing contexts, ranged over by r,r', are sets of typing assignments x : T. Given a context F and a 
process P, a session typing judgement is of the form F Fst P. Typing rules are given in Figure|2] Rule (T- 
Nil) states that 0 is well-typed under a terminated channel. Rule (T-Par) types the parallel composition of 
two processes by composing their corresponding typing contexts using a splitting operator, noted o (191. 
Rule (T-Res) types a restricted process by requiring that the two endpoints have dual types. Rules (T- 
In) and (T-Out) type the receiving and sending of a value over a channel x, respectively. Finally, rules 
(T-Brch) and (T-Sel) are generalizations of input and output over a labelled set of processes. 

The main guarantees of the type system are communication safety and session fidelity, i.e., typed 
processes respect their ascribed protocols, as represented by session types. 

Theorem 2.1 (Type Preservation for Session Types). ^F hsi P and P ^ Q, then F hsi Q- 

The following notion of well-formed processes is key to single out meaningful typed processes. 

Definition 2.2 (Well -Formedness for Sessions). A process is well-formed if for any of its structural 
congruent processes of the form {vxy){P \ Q) the following hold. 

• If P and Q are prefixed at the same variable, then the variable performs the same action (input or 
output, branching or selection). 
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• IfP is prefixed in x,- and Q is prefixed in yt where Xiji G xy, then P \Q^. 

It is important to notice that well-typedness of a process does not imply the process is well-formed. 
We have the following theorem: 

Theorem 2.3 (Type Safety for Sessions (HI). If hsi P then P is wellformed. 

We present the main result of the session type system. The following theorem states that a well-typed 
closed process does not reduce to an ill-formed one. It follows immediately from Theorems 12. II and 12.31 

Theorem 2.4 ( (HI)- If I“st P and P —>^* Q, then Q is wellformed. 

An important observation is that the session type system given above does not exclude deadlocked 
processes, i.e., processes which reach a “stuck state.” This is because the interleaving of communication 
prefixes in typed processes may create extra causal dependencies not described by session types. (This 
intuitive definition of deadlocked processes will be made precise below.) A particularly insidious class 
of deadlocks is due to cyclic interleaving of channels in processes. For example, consider a process such 
as F = (vxy)(v>vz)(x(n).>v(n) | z{t).y{s)): it represents the implementation of two (simple) independent 
sessions, which get intertwined (blocked) due to the nesting induced by input and output prefixes. We 
have fhaf n : end Fst P even if P is unable fo reduce. A deadlock-free varianf of P would be, e.g., process 
P' = (vxy)(vwz)(x(n).vv(n) | y{s).z{t)), which also is fypable in [- 37 . 

We will say fhaf a process is deadlockfree if any communicafion action fhaf becomes acfive during 
execufion is evenfually consumed; fhaf is, fhere is a corresponding co-acfion fhaf evenfually becomes 
available. Below we define deadlock freedom in fhe session tt -calculus; we follow II131I151I and consider 
fair reducfion sequences 0. For simplicify, we omif fhe symmefric cases for inpuf and branching. 

Definition 2.5 (Deadlock Freedom for Session Ti-Calculus). A process Pq is deadlock-free if for any fair 
reduction sequence Pq —)• Pi —)■ P 2 vvc have that 

1. Pi = {vxy){f{v).Q I R),for i > 0, implies that there exists n > i such that 
Pn = (vxy)(x(v).2 I y{z).R\ I P 2 ) andPn+i = {vx'y'){Q \ Pi[Vz] | P 2 ); 

2. Pi = {v^){x<lj.Q\R),fori > 0 , implies that there exists n>i such that 
Pn = {vx'y'){x<lj.Q I yi>{4 : Rk}k<zivj{j} I S) and P„+i = {vx'y'){Q | Py | S). 

3 Two Approaches to Deadlock Freedom 

We infroduce fwo approaches fo deadlock-free, session fyped processes. The firsf one, given in § 13.11 
comes from inferprefafions of linear logic propositions as session types ifTT-ISlI^ ; the second approach, 
summarized in § 13.21 combines usage types for the standard tt- calculus with encodings of session pro¬ 
cesses and types Based on these two approaches, in §|4]we will define fhe classes .if and . 

3.1 Linear Logic Foundations of Session Types 

The linear logic interpretation of session types was introduced by Caires and Pfenning (3l|, and developed 
by Wadler (211 and others. Initially proposed for intutitionistic linear logic, here we consider an interpre¬ 
tation based on classical linear logic with mix principles, following a recent presentation by Caires [Ij. 

The syntax and semantics of processes are as in §[2] except for the following differences. First, we 
have the standard restriction construct (vx)P, which replaces the double restriction. Second, we have a 
so-called/orwarr/mg process, denoted [x-H-y], which intuitively “fuses” names x and y. Besides these 
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(T-1) 


0 hcH •’c: 

(T-'S) 

P\-ca^,y-A,x:B 


(T-±) 


-P l“CH A 

PI-ch^:»,A 


(T-id) 


[x^y] \-cE x:A,y:A 
(T-®) (T-cut) 

PI“chA,j:A 2 hcH A',x:B PI-chA,x:A QPce^A'-^ 


x{y).P'rc^A,x\A^B x{y).{P \ Q) hcHA,A',x:Aig)B 
(T-e) (T-&) 


P\-c^A,x'.Aj j€zl P,-hcH A,;t:A,' 


V/G/ 


(v^)(P|< 2 ) ^chA,A' 

2 hcH A' 


(T-mix) 

P PcH A 


x<ilj.P hcH A,;c: © {//: A,•},■£/ x>{Ii : hen A,x:&{li : A,-jig/ P | 2 Pch A,A' 

Figure 3: Typing rules for the tt- calculus with C-types. 


differences in syntax, we have also some minor modifications in reduction rules. Differences with respect 
to the language considered in §[2]are summarized in the following: 

P,Q ''= {vx)P (channel restriction) 

(R-ChCom) x{v).P I x{z).Q -> P I 2[''A] 

(R-ChCase) x<lj.P \ x>{li : Pi}iei ^ P \ Pj j&I 

Observe how interaction of input/output prefixes and selecfion/branching is no longer covered by an 
oufermosf resfriefion. As for fhe fype system, we consider the so-called C-types which correspond to 
linear logic propositions. They are given by the following grammar: 

A,P::=_L | 1 | A©P | A^B \ ©{Z;:A,}/g/ | &{/,-:A,};g/ 

Intuitively, © and 1 are used to type a terminated endpoint. Type A © P is associated to an endpoint that 
first outputs an object of type A and then behaves according to B. Dually, type A 'S’ B is the type of an 
endpoint that first inputs an object of type A and then continues as B. The interpretation of ©{/, : A;},g/ 
and &{/,• : A,},g/ as select and branch behaviors follows as expected. 

We define a full dualify on C-fypes, which exacfly corresponds fo fhe negafion operafor of CLL 
The dual of fype A, denoted A, is inductively defined as follows: 

T = A T = 1 ®{Z;:A;},-g/ = &A:A,W 

A©P = A>?B A^B = A®B &{/,•: A,};g/ = ©{/,•: A,};g/ 

Recall fhaf A—oB = A'^B. As explained in [Tj, considering mix principles means admitting ©^1 and 
1^©, and Iherefore © = 1. We wrife • fo denote eifher © or 1, and decree fhaf • = •. 

Typing confexls, sefs of fyping assignmenfs x : A, are ranged over A, A',.... The empfy confexf is 
denofed ‘ Typing judgmenfs are fhen of fhe form P Fch A. Figure |3] gives fhe typing rules associated 
to the linear logic interpretation. Salient points include the use of bound output (vy)x(y).P, which is 
abbreviated as x{y)P. Another highlight is the “composition plus hiding” principle implemented by 
rule (T-cut), which integrates parallel composition and restriction in a single rule. Indeed, there is no 
dedicated rule for restriction. Also, rule (T-mix) enables the typing of independent parallel compositions, 
i.e., the composition of two processes that do not share sessions. 

We now collect main results for this type system; see lUO for details. For any P, define live{P) if 
and only if P = {vn){7i.Q \ R), where n is an inpuf, oufpuf, selection, or branching prefix. 


[x y] (forwarding) 

(R-Fwd) (vx)([x-H>y] I P) —^ P[T/x] 
(R-ChRes) P ^ Q {vx)P ^ {vx)Q 
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90 7] 

(used in input) 

0 

(not usable) 

\l.u 

(used in output) 

{Ui 1 U 2 ) 

(used in parallel) 

U[T] 

(channel types) 

{1 ■ T)m 

(variant type) 


Figure 4: Syntax of usage types for the ;r-calculus. 


Theorem 3.1 (Type Preservation for C-Types), IfP Fch and P —)■ Q then Q hen 
Theorem 3.2 (Progress). IfP Fch • and live{P) then P —> Q,for some Q. 

3.2 Deadlock Freedom by Encodability 

As mentioned above, the second approach to deadlock-free session processes is indirect, in the sense that 
establishing deadlock freedom for session processes appeals to usage types for the Ti-calculus II13115L for 
which type systems enforcing deadlock freedom are well-established. Formally, this reduction exploits 
encodings of processes and types: a session process F hsi P is encoded into a (standard) Ti-calculus 
process [[F]]/ [Pj/. Next we introduce the syntax of standard Ti-calculus processes with variant 

values (§ 13.2.11) . the discipline of usage types (§ 13.2.21) . and the encodings of session processes and types 
into standard Ti-calculus processes and usage types, respectively (§ 13.2.31) . 

3.2.1 Processes 

The syntax and semantics of the tt- calculus with usage types build upon those in §|2l We require some 
modifications. First, the encoding of terms presented in § 13.2.31 requires polyadic communication. Rather 
than branching and selection constructs, the n -calculus that we consider here includes a case construct 
case vof {/;_r, i>P,},g/ that uses variant value Ijjv. Moreover, we consider the standard channel restriction, 
rather than double restriction. These modifications are summarized below: 

P^Q "= {vx)P (channel restriction) | casevof{Z,_r,>P,}(g/ (case) 

V ::= lj_v (variant value) 

(R;r-CoM) x{v).P \ x(z).Q^P \ Q'f/z\ 

(R;r-REs) P ^ Q {vx)P ^ {vx)Q 

(Rn:- Case) case Ijjv of 1 >—?► Pj Y’/xi] j 

The definition of deadlock-freedom for the tt- calculus follows II131I15II : 

Definition 3.3 (Deadlock Freedom for Standard Ti-Calculus). A process Pq is deadlock-free under fair 
scheduling, if for any fair reduction sequence Pq —Pi —)• P 2 —• the following hold 

1. if Pi = (va)(T(v).2 I R) for i > 0, implies that there exists n > i such that 
Pn = {vx)ix{i).Q I x(z).R\ I P 2 ) and P„+i = {vx){Q \ Pi[V2] | P 2 ); 

2. if Pi = {vx){x{z).Q I R)for i > 0, implies that there exists n > i such that 
Pn = {vx){x{z).Q I x(7).Pi I P 2 ) andPn+i = (vx)(e[V2] | Pi | P 2 ). 

3.2.2 Usage Types 

The syntax of usage types is defined in Figure HI For simplicity, we let a range over input ? or output 
! actions. The usage 0 describes a channel that cannot be used at all. We will often omit 0, and so we 
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will write U instead of 17.0. Usages ?^.17 and !^.17 describe channels that can be used once for input 
and output, respectively and then used according to the continuation usage U. The obligation o and 
capability K range over the set of natural numbers. The usage Ui \ U 2 describes a channel that is used 
according to Ui by one process and U 2 by another processes in parallel. 

Intuitively, obligations and capabilities describe inter-channel dependencies: 

• An obligation of level n must be fulfilled by using only capabilities of level less than n. Said differently, 
an action of obligation n must be prefixed by actions of capabilities less than n. 

• For an action with capability of level n, there must exist a co-action with obligation of level less than 
or equal to n. 

Typing contexts are sets of typing assignments and are ranged over r,r'. A typing judgement is of the 
form r P \ the annotation n explicitly denotes the greatest degree of sharing admitted in parallel pro¬ 
cesses. Before commenting on the typing rules (given in Figure [5]l, we discuss some important auxiliary 
notions, extracted from II131I15L First, the composition operation on types (denoted | , and used in rules 
T7r-(PAR)„ and T7r-(OuT)) is based on the composition of usages and is defined as follows: 

(/,■: I {h : Ti)ia = {U : Ti)ia U, [f] \ U2 [f] = {U, \ U2) [f] 

The generalization of | to typing contexts, denoted (Fi | r 2 )(v), is defined as expected. The unary 
operation applied to a usage U lifts its obligation level up to f, it is defined inductively as: 

t' 0 = 0 t' gCk-U = f (Ui I U 2 ) = (f Ui I f U 2 ) 

The y is extends to types/typing contexts as expected. Duality on usage types simply exchanges ? and !: 

^ = 0[] l%.U[f\ = \lU[f\ \%.U[f\ = ?° .U[f ] 


Operator “ ; ” in A = x : [r]a° ; F, used in rules (T;r-lN) and (T;r-OuT), is such that the following hold: 


dom(A) = {x}Udom(r) 


A(x) = 


ai.u[T] ifr(x) = u[r] 
a^[r] if x^domly) 


A(y) r(y) ify/x 


The final required notion is that of a reliable usage. It builds upon the following definition: 

Definition 3.4. Let U be a usage. The input and output obligation levels (resp. capability levels ) of U, 
written ob?(f7) and ob!(f7) (resp. capj{U) and capfU)), are defined as: 


oba(a^.f 7 ) = o cap„(a^.f 7 ) = k 

oha{U\\U2) = min{oha{Ui),oha{U2)) cap„(f 7 i | [/2) = mm(cap„([/i),cap„([/2)) 


The definition of reliable usages depends on a reduction relation on usages, noted U U'. Intuitively, 
U ^ U' means that if a channel of usage U is used for communication, then after the communication 
occurs, the channel should be used according to usage U'. Thus, e.g., ?^.f7i | ?^/-f72 reduces to Ui \ U 2 . 

Definition 3.5 (Reliability). We write cona{U) when oba{U) < cap„(f7). We write con(17) when 
con?(17) and coni (17) hold. Usage U is reliable, noted rel(17), if con{U') holds MU' such that U U'. 
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(T;r-PAR„) 

(T^-RES)^ T^KbQ 

(T;r-NIL) T,x-U[T]Pl^P re\{U) |rinri|<?i 

^T0Qh^ rh”B {vx)p Ti Ir 2 h”BPI e 


(T;r-lN) 

rj:rh»B 

A:?0[r];rh«B 


p 

x{y).P 


{jTt-Ovr) 

T,Pl^v-.f T^Pl^P 
xAl[T]-{Y,\Y2)Pl^x{v).P 


(T;r-CASE) 

(T;r-LVAL) Tj v : {h : 

rh”Bv:r,- 3j^I Y2,Xi-.TiYl^Pi Vi GI 

rh^B Ij-V : {h : Ti)i^j ri,r2 Hkb caseVof{Z/ jc/oP,•},■£/ 


Figure 5: Typing rules for the tt- calculus with usage types with degree of sharing n. 


Typing Rules. The typing rules for the standard k - calculus with usage types are given in Figure [5] 
The only difference with respect to the rules in Kobayashi’s systems II131I15II is that we annotate typing 
judgements with the degree of sharing, explicitly stated in rule (T;r-PAR„)-see below. Rule (T;r-NiL) states 
that the terminated process is typed under a terminated channel. Rule (T;r-REs) states that process {vx)P 
is well-typed if the usage for x is reliable (cf. Definition l3.5l) . Rules (T;r-lN) and (T;r-OuT) type input and 
output processes in a typing context where the “ ; ” operator is used in order to increase the obligation 
level of the channels in continuation P. Rules (t^t-LVal) and (T;r-CASE) type a choice: the first types a 
variant value with a variant type; the second types a case process using a variant value as its guard. 

Given a degree of sharing n, rule (T;r-PAR„) states that the parallel composition of processes P and Q 
(typable under contexts Fi and r 2 , respectively) is well-typed under the typing context Fi | r 2 only if 
iTi nr 2 | <n. This allows to simply characterize the “concurrent cooperation” between P and Q. As a 
consequence, if P F^b then P I-|b, for any k <n. Observe that the typing rule for parallel composition 
in II131I15I1 is the same as (T;r-PAR„), except for condition [Fi nr 2 | < n, which is not specified. 

The next theorems imply that well-typed processes by the type system in Figure |5] are deadlock-free. 

Theorem 3.6 (Type Preservation for Usage Types). ^F FJJb P P ^ Q> then F' Qfor some Y' 
such that Y —)■ F'. 

Theorem 3.7 (Deadlock Freedom). If® F^b P either P = {vx){x(z).Q \ R) or P = {vx){x{v).Q \ R), 
then P ^ Q, for some Q. 

Corollary 3.8. If® FJ^b P’ then P is deadlock-free, in the sense of Definition \3.3\ 

Theorem |3i2] (progress for the linear logic system) and Theorem [T7] (deadlock freedom for the stan¬ 
dard TT-calculus) have a rather similar formulation: both properties state that processes can always reduce 
if they are well-typed (under the empty typing context) and have an appropriate structure (i.e., condition 
live{P) in Theorem l3.2l and condition P = {vx){x(z).Q \ R) or P = {vx)(x{v).Q \ R) in Theorem 13.71) . 

3.2.3 Encodings of Processes and Types 

Encoding of Processes. To relate classes of processes obtained by the different type systems given so 
far, we rewrite a session typed or C-typed process into a usage typed process by following a continuation¬ 
passing style: this allows us to mimic the structure of a session or C-type by sending its continuation as 
a payload over a channel. This idea, suggested in llT4l and developed in Ijj], is recalled in Figure!^ 
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lx{v).Pjf = {vc)f^{v,c).lPjf^{^^,} 
- fx{y,c).lPjp{x^c} 
lx<lj.Plf 4 {vc)Mlj.c).lPjf,{x^c} 


lxt>{li : Pi}i^jjf = f^{y). casejof{Z,-_co [[P;]] f^{x^c}}iei 
l{vxy)P}f ^ 

IP I <21/ = [PI/ I iQJf 


Figure 6: Encoding of session processes into tt- calculus processes. 


[endlsu 

= 0[] 

[endlc 

= • 

VT.Sjsu 


[?r.sic 

= [Tic'P Me 

[!T.Slsu 

= !°JlTlsu,Msu] 

IlP.Slc 

= I^c©Mc 

Si}iei}su 

= ?° [a- : 

l&ih : Si}ieijc 

= &{Z,:M]cW 

5i}/e/lsu 

= : [^su),'e/] 

[©{/) : 

= ©U-:MlcW 


Figure 7: Encodings of session types into usage types (Eeft) and C-types (Right). 


Encoding of Types. We formally relate session types and logic propositions to usage types by means 
of the encodings given in Figure|7j The former one, denoted as denoted [-Isu. is taken from fS]. 

Definition 3.9. Let T be a session typing context. The encoding into usage typing context and I'lc 
into C-typing context is inductively defined as follows: 

Mf = Me = 0 [r,^: Tjf 4 iryj ,: |ri,, [r,^: ri^ = ric,^: [ric 

Lemma 3.10 (Duality and encoding of session types). Let T,S be finite session types. 

Then: (i) T = S if and only i/lPlc = Mo (h) T = S if and only //’[Plsu = Msu. 

On Deadlock Freedom by Encoding. The next results relate deadlock freedom, typing and encoding. 
Proposition 3.11. Let P be a deadlock-free session process, then [Pj f is a deadlock-free K-process. 

Proof. Follows by the encoding of terms given in FigureDefinition |23] and Definition [33] □ 

Next we recall an important result relating deadlock freedom and typing, by following [4|. 
Corollary 3.12. Let hsT P be a session process. IfP^-g [P]/ is deadlock-free then P is deadlock-free. 

4 A Hierarchy of Deadlock-Free Session Typed Processes 

Preliminaries. To formally define fhe classes and JC, we require some auxiliary definitions. The 
following franslafion addresses minor synfacfic differences befween session typed processes (cf. §|2]l 
and fhe processes fypable in fhe linear logic inferprefafion of session types (cf. § 13.11) . Such differences 
concern oufpuf aefions and fhe resfriefion operator: 

Definition 4.1. Let P be a session process. The translation J is defined as 

|x(y).P^ = x(z).([z^y] I m) i:(vxy)P^ = (vw)^P^[w/x][w/ 3 .] w0fn(P) 


and as an homomorphism for the other process constructs. 
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Let I'Jc denote the encoding of session types into linear logic propositions in Figure |7] (right). Recall 
that [[•]]/ stands for the encoding of processes and l-Jsu for the encoding of types, both defined in lUl, and 
given here in Figure|6]and Figure|7](left), respectively. We may then formally define the languages under 
comparison as follows: 

Definition 4.2 (Typed Languages). The languages ££ and (n>0) are defined as follows: 

= {P|3r. (FhsTFAm^CHlric)} 

X = {p|3r,/.(rhsTPAri/h”B|Pi/)} 


Main Results. Our first observation is that there are processes in X but not in X: 

Lemma 4.3. X C X- 

Proof. X contains (deadlock-free) session processes not captured in X- A representative example is: 

Pi = {va\b\){va 2 b 2 ){a]_{x). d^{x) \ bi{n). b 2 {z)) 

This process is not in X because it involves the composition of two parallel processes which share two 
sessions. As such, it is typable in hjjg (with n>2) but not in h^g. □ 

The previous result generalizes easily, so as to define a hierarchy of deadlock-free, session processes: 
Theorem 4.4. For all n>\,we have that X C X+i- 

Proof Immediate by considering one of the following processes, which generalize process P 2 in 
Lemma l43t 

Pn+\ = {vaibi){va 2 b 2 )---{van+\bn+\){ai{x).al{x).---.df[ff{y) \bi{n).b 2 {z). ■■■bn+fiz)) 
Qn+\ = {vaib\){va 2 b 2 )---{van+ibn+i){ai{x).df{x).---.a„^i{y)\b\{n).b 2 {z). ••X„+i(n)) 

To distinguish X+i from X^ we consider P„+i if n -|- 1 is even and Qn+\ otherwise. □ 

One main result of this paper is that X and X coincide. Before stating this result, we make the 
following observations. The typing rules for processes in X do not directly allow free output. How¬ 
ever, free output is representable (and typable) by linear logic types by means of the transformation in 
Definition 14. II Thus, considered processes are not syntactically equal. In X there is cooperating compo¬ 
sition (enabled by rule (T-cut) in Figure^; independent composition can only be enabled by rule (T-mix). 
Arbitrary restriction is not allowed; only restriction of parallel processes. 

The following property is key in our developments: it connects our encodings of (dual) session 
types into usage types with reliability (Definition 13.51) . a central notion to the type system for deadlock 
freedom in FigurelH Recall that, unlike usage types, there is no parallel composition operator at the level 
of session types. 

Proposition 4.5. Let T be a session type. Then rel(|[r]su | [[T]]su) holds. 

Proof (Sketch). By induction on the structure of session type T and the definitions of [-Jsu and predicate 
rel(-), using Lemma[3T0] (encodings of types preserve session type duality). See fQI for details. □ 

We then have the following main result, whose proof is detailed in f9l|: 

Theorem 4.6. X = X- 
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Therefore, we have the following corollary, which attests that the class of deadlock-free session 
processes naturally induced by linear logic interpretations of session types is strictly included in the class 
induced by the indirect approach of Dardha et al. [8] (cf. § I3.2I) . 

Corollary 4.7. ^ C n> 1. 

The fact that (deadlock-free) processes such as P 2 (cf. Lemma 1431) are not in .if is informally discussed 
in 131 §6]. However, [T] gives no formal comparisons with other classes of deadlock-free processes. 


5 Rewriting into ^ 

The hierarchy of deadlock-free session processes established by Theorem 14.41 is subtle in the following 
sense: if /* € ^+1 but P 0 JTk (with k>\) then we know that there is a subprocess of P that needs to 
be “adjusted” in order to “fit in” J^. More precisely, we know that such a subprocess of P must become 
more independent in order to be typable under the lesser degree of sharing k. 

Here we propose a rewriting procedure that converts processes in into processes in Jfj (that 
is, .if, by Theorem 14.61) . The rewriting procedure follows a simple idea: given a parallel process as 
input, return as output a process in which one of the components is kept unchanged, but the other is 
replaced by parallel representatives of the sessions implemented in it. Such parallel representatives are 
formally defined as characteristic processes and catalyzers, introduced next. The rewriting procedure is 
type preserving and satisfies operational correspondence (cf. Theorems 15.8l and l5.101) . 


5.1 Preliminaries: Characteristic Processes and Catalyzers 

Before presenting our rewriting procedure, let us first introduce some preliminary results. 

Definition 5.1 (Characteristic Processes of a Session Type). Let T be a session type (cf. §121). Given a 
name x, the set of characteristic processes ofT, denoted {|Tp, is inductively defined as follows: 


^endp 

^?r.sp 


{P|PhcH^:*} 

{x(y).P|PhcHy:[rlc,^:Mc} 

{x(y).(p|e)|P€rrAe€M"} 

{x>{Z,:P,},-e/|V/E/.P,G-aS,p} 


Definition 5.2 (Catalyzer). Given a session typing context T, we define its associated catalyzer as a 
process context as follows: 


^ 0 [-] = [•] = (vx)('rr[-] | P) with P € -87^ 


We record the fact that characteristic processes are well-typed in the system of § 13.11 
Lemma 5.3. Let T be a session type. For ail P G {|rp, we have: P Lch x'- [PJc 

We use {|Pp Lch x ■ [P]c to denote the set of processes P G {|rp such that P hcH ^ ■ [T’lc- 
Lemma 5.4 (Catalyzers Preserve Typability). Let F hsi P <^nd F' C F. Then [P] I“ch [r]c \ 
Corollary 5.5. Let L Lst P. Then [P] I“ch 0- 
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5.2 Rewriting in J/f 

We start this section with some notations. First, in order to represent pseudo-non deterministic binary 
choices between two equally typed processes, we introduce the following: 

Notation 5.6. Let P\, P 2 be two processes such that k ^ fn(Pi,P 2 ). We write Pi \\k Pi to stand for the 
process inx.O | fct> {ini : Pi, inr : P 2 }), where label inx stands for either ini or inr. 

Clearly, since session execution is purely deterministic, notation Pi \\kP 2 denotes that either P\ or 
Pi will be executed (and that the actual deterministic choice is not relevant). It is worth adding that 
Caires has already developed the technical machinery required to include non deterministic behavior 
into the linear logic interpretation of session types; see |T]. Casting our rewriting procedure into the 
typed framework of [T], so as to consider actual non deterministic choices, is interesting future work. 

We find it convenient to annotate bound names in processes with session types, and write (vxy : T)P 
and x{y : P).P, for some session type T. When the reduction relation involves a left or right choice 
in a binary labelled choice, as in reductions due to pseudo-non deterministic choices (Notation 15.61) . we 
sometimes annotate the reduction as —or —We let C denote a process context, i.e., a process with 
a hole. And finally, for a fyping confexf F, we shall wrife {|r|} fo denofe fhe process n(w,: 7 ;) 6 r 
We are now ready fo give fhe rewrifing procedure from Jifi fo Lf. 

Definition 5.7 (Rewrifing info J^). Let P G such that F hsT P,for some F. The encoding (F Fst PD 
is a process of ^ inductively defined as follows: 


(x : end Fst OD = 0 

r hsT ^(v).P'D = x(z).([vG^z] I r A : ^ST P'P) 


r = r',x: \T.S,v:T 
r = r',x:iT.s 


r : T).P'\j =x(y).r A ■S,y:T FstP'P 

dFhsTXoZy.P'D =x<lj.lir',x :Sj hsT P'D 
(F hsT xi> {/; : Pi}iei\) =x>{li : dr',x : Si Fst Pi\)}iei 
r hsT (v;^ : S){P I Q)\, ^ •ar2[) | %[ri Fst PW/A] 


r = r',x : ©{/,•: 5 ,•},•£/ 
r = r',x : &{/,•: Si}iei 


r = ri or2 Ari,x: si-stP 
r2,y '-V \-sT QLVi = Si 



We illusfrafe fhe procedure in f9i. Nofice thaf fhe rewrifing procedure given in Definition 15.71 saf- 
isfies fhe composifionalify criferia given in llTTIl . In particular, if is easy fo see fhat fhe rewriting of 
a composition of terms is defined in terms of the rewriting of the constituent subterms. Indeed, e.g., 
(Fi or2 hsT (vxy : S)(P I Q)\) depends on a context including both (|ri,x : S Fst PD and (|r2,y : S Fst 2D- 
We present two important results about our rewriting procedure. First, we show it is type preserving: 

Theorem 5.8 (Rewriting is Type Preserving). Let (F hsT P) G Then, (F hsi T’D Fch [He- 

Notice that the inverse of the previous theorem is trivial by following the definition of typed encoding. 
Theorem 15.81 is meaningful, for it says that the type interface of a process (i.e., the set of sessions im¬ 
plemented in it) is not modified by the rewriting procedure. That is, the procedure modifies the process 
structure by closely following the causality relations described by (session) types. Notice that causality 
relations present in processes, but not described at the level of types, may be removed. 

The rewriting procedure also satisfies an operational correspondence result. Let us write F Fst Pi,Pi 
whenever both F Fst A and F hsx P 2 hold. We have the following auxiliary definition: 
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Definition 5.9. Let P,P' be such that F hsx P,P'- Then, we write P = P' if and only if P = C[Q] and 
P' = for some context C, and there is T' such that T' hsx Q, Q'. 

Theorem 5.10 (Operational Correspondence). Let P € Jfn ^uch that F hsi Pfor some F Then we have: 

I) IfP P' then there exist Q, Q’ s.t. (i) ^F hgi P^ Q; (ii) Q = Q'; (in) ^F hgi P'D Q'. 

II) If(\r hsT PD —Q then there exists P' s.t. P —)• P' and 2 (|r Fsj P^[). 

6 Concluding Remarks 

We have presented a formal comparison of fundamentally distinct type systems for deadlock-free, session 
typed processes. To the best of our knowledge, ours is the first work to establish precise relationships of 
this kind. Indeed, prior comparisons between type systems for deadlock freedom are informal, given in 
terms of representative examples typable in one type system but not in some other. 

An immediate difficulty in giving a unified account of different typed frameworks for deadlock free¬ 
dom is the variety of process languages, type structures, and typing rules that define each framework. 
Indeed, our comparisons involve: fhe framework of session processes put forward by Vasconcelos (191; 
the interpretation of linear logic propositions as session types by Caires |T| ; the Ti-calculus with usage 
types defined by Kobayashi in (TSl . Finding some common ground for comparing these three frame¬ 
works is not trivial—several translations/transformations were required in our developments to account 
for numerous syntactic differences. We made an effort to follow the exact definitions in each framework. 
Overall, we believe that we managed to concentrate on essential semantic features of two salient classes 
of deadlock-free session processes, noted and JC. 

Our main contribution is identifying the degree of sharing as a subtle, important issue that underlies 
both session typing and deadlock freedom. We propose a simple characterization of the degree of shar¬ 
ing: in essence, it arises via an explicit premise for the typing rule for parallel composition in the type 
system in ifTSl . The degree of sharing is shown to effectively induce a strict hierarchy of deadlock-free 
session processes in JC, as resulting from the approach of | 8]. We showed that the most elementary (and 
non trivial) member of this hierarchy precisely corresponds to .if-arguably the most canonical class of 
session typed processes known to date. Furthermore, by exhibiting an intuitive rewriting procedure of 
processes in JC into processes in .if, we demonstrated that the degree of sharing is a subtle criteria for 
distinguishing deadlock-free processes. As such, even if our technical developments are technically sim¬ 
ple, in our view they substantially clarify our understanding of type systems for liveness properties (such 
as deadlock freedom) in the context of Ti-calculus processes. 

As future work, we would like to obtain semantic characterizations of the degree of sharing, in 
the form of, e.g., preorders on typed processes that distinguish when one process “is more parallel” 
than another. We plan also to extend our formal relationships to cover typing disciplines with infinite 
behavior. We notice that the approach of f^i] extends to recursive behavior fT| and that infinite (yet non 
divergent) behavior has been incorporated into logic-based session types llTSl . Finally, we plan to explore 
whether the rewriting procedure given in §[5]could be adapted into a deadlock resolution procedure. 
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